Perfect Zero-Knowledge PCPs for #P

TL;DR

This work constructs perfect zero-knowledge probabilistically checkable proofs (PZK-PCPs) for every language in #P and introduces the notion of locally simulatable encodings: randomised encodings in which every local view of the encoding can be efficiently sampled given a local view of the message.

Abstract

We construct perfect zero-knowledge probabilistically checkable proofs (PZK-PCPs) for every language in #P. This is the first construction of a PZK-PCP for any language outside BPP. Furthermore, unlike previous constructions of (statistical) zero-knowledge PCPs, our construction simultaneously achieves non-adaptivity and zero knowledge against arbitrary (adaptive) polynomial-time malicious verifiers. Our construction consists of a novel masked sumcheck PCP, which uses the combinatorial nullstellensatz to obtain antisymmetric structure within the hypercube and randomness outside of it. To prove zero knowledge, we introduce the notion of locally simulatable encodings: randomised encodings in which every local view of the encoding can be efficiently sampled given a local view of the message. We show that the code arising from the sumcheck protocol (the Reed-Muller code augmented with subcube sums) admits a locally simulatable encoding. This reduces the algebraic problem of simulating our masked sumcheck to a combinatorial property of antisymmetric functions.

Figures (1)

• Figure 1: A general antisymmetric matrix ($n = 5$), with an element of the dual highlighted ($r = 2, t = 7$).

Theorems & Definitions (115)

• Theorem 1: Informally stated, see \ref{['thm:main']}
• Remark 1.1
• Theorem 2: informal, see \ref{['thm:rm-constraint-detector']}
• Lemma 1
• Theorem 2.1: Informally stated, see \ref{['theorem:sigma-rm-dual-z']}
• Definition 3.2
• Definition 3.3
• Definition 3.4
• Definition 3.5: Zero codes
• Definition 3.6: Sum codes